- 03 Oct 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Manage Identities
- Updated on 03 Oct 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Identity creation involves assigning a unique set of attributes to a user, including their first and last name, email address, mobile number and relationship details with the organization like location, department, manager, and employee ID. After the identity is established, it is further defined by the assignment of roles, accounts, and entitlements.
Add an Identity
Navigate to Identities from the menu and click Add.
The Add Identity dialog box is displayed.
Specify the following details:
Username: Enter the username which is a unique attribute.
First Name: Enter the first name of an identity.
Last Name: Enter the last name of an identity.
Email address: Optionally provide an email address.
Mobile number: Optionally give the mobile number.
Full name: Enter the full name of an identity.
Department: Enter the department name.
Check the Assign Manager box. When the user is assigned to a manager, an email and SMS notification is sent to both the user and the assigned manager.
Check the Trigger Provisioning across authorized applications. This enables the user to have birthright access to default applications.
Click Add. An “ Identity added successfully” confirmation message is displayed.
Click Close.
Edit an Identity
Every identity has a unique work environment that the Administrator configures. You can edit identity details and configure additional details using View/Edit.
The orange icon linked to an identity shows a violation of SoD policy.
Select the identity you wish to edit.
Click View/edit. The Edit Identity screen appears.
You can edit an identity from the different tabs and click Save.
Note:
The Other tab shows how an identity is created manually, through an API or imported through CSV/AD/SoT.
Applications: It shows the application access to IGA and SSO.
On the IGA tab, click View Account to see the account and entitlement access.
The SSO tab lists the Single Sign-On applications a user or identity can access.
Reset Password/MFA: The Admin can select any MFA options to re-register for the Security question and soft token and re-send the welcome email.
Click Reset Password/MFA.
Choose an appropriate option:
Password: End user will receive an email with a new password to set a new password.
Security Questions/Soft Token: This option can be selected when an end user has registered for MFA.
Click Save.
A notification will appear to Trigger modification across authorized assets.
Click Proceed.
Delete an Identity
Select an identity you wish to delete.
Click Delete. The Delete Identity dialog box is displayed.
Select the required option:
Delete Identity: Deletes the Identity but maintains an orphan account for the identity.
Delete identity and associated application access: Deletes the identity, its access, and all user data.
Click Delete.
Suspend an Identity
The identity is suspended temporarily and the license will not be revoked. The status of an identity is changed to Inactive post-suspension.
Select the identity you wish to suspend.
Click Suspend.
Select Suspend associated Accesses? to suspend the connected access of the identity.
Click Suspend.
Restore an Identity
Once an identity is restored, the status will change to Active.
Select the identity you wish to restore.
Select Restore.
Select Restore associated applications? to restore the connected access.
Click Restore.
Deactivate an Identity
Unlike the suspend option, this option will permanently suspend the user and revoke the license. User status after deactivating will be DEACTIVATED.
Select an identity to deactivate and click Deactivate.
A confirmation pop-up appears. Click Deactivate associated Accesses to suspend the access from associated applications.
Click Deactivate and the identity is deactivated.